Commit 0a39c310 authored by Steve French's avatar Steve French Committed by Steve French

More NTLMv2

parent 0a119366
......@@ -142,50 +142,60 @@ int cifs_calculate_mac_key(char * key, const char * rn, const char * password)
int CalcNTLMv2_partial_mac_key(struct cifsSesInfo * ses, struct nls_table * nls_info)
{
char temp_key[16];
char temp_hash[16];
struct HMACMD5Context ctx;
char * ucase_buf;
wchar_t * unicode_buf;
unsigned int i,user_len,dom_len;
unsigned int i,user_name_len,dom_name_len;
if(ses)
return -EINVAL;
E_md4hash(ses->password_with_pad, temp_key);
E_md4hash(ses->password_with_pad, temp_hash);
hmac_md5_init_limK_to_64(temp_key, 16, &ctx);
user_len = strlen(ses->userName);
if(user_len > MAX_USERNAME_SIZE)
hmac_md5_init_limK_to_64(temp_hash, 16, &ctx);
user_name_len = strlen(ses->userName);
if(user_name_len > MAX_USERNAME_SIZE)
return -EINVAL;
dom_len = strlen(ses->domainName);
if(dom_len > MAX_USERNAME_SIZE)
dom_name_len = strlen(ses->domainName);
if(dom_name_len > MAX_USERNAME_SIZE)
return -EINVAL;
ucase_buf = kmalloc((MAX_USERNAME_SIZE+1), GFP_KERNEL);
unicode_buf = kmalloc((MAX_USERNAME_SIZE+1)*2, GFP_KERNEL);
unicode_buf = kmalloc((MAX_USERNAME_SIZE+1)*4, GFP_KERNEL);
for(i=0;i<user_len;i++)
for(i=0;i<user_name_len;i++)
ucase_buf[i] = nls_info->charset2upper[(int)ses->userName[i]];
ucase_buf[i] = 0;
user_len = cifs_strtoUCS(unicode_buf, ucase_buf, MAX_USERNAME_SIZE*2, nls_info);
/* BB inc user_len + 2 or 2 for trailing nulls? */
/* Add call to hmac md5 user BB */
user_name_len = cifs_strtoUCS(unicode_buf, ucase_buf, MAX_USERNAME_SIZE*2, nls_info);
unicode_buf[user_name_len] = 0;
user_name_len++;
for(i=0;i<dom_len;i++)
for(i=0;i<dom_name_len;i++)
ucase_buf[i] = nls_info->charset2upper[(int)ses->domainName[i]];
ucase_buf[i] = 0;
dom_len = cifs_strtoUCS(unicode_buf, ucase_buf, MAX_USERNAME_SIZE*2, nls_info);
/* BB inc dom_len + 1 or 2 for trailing nulls? */
dom_name_len = cifs_strtoUCS(unicode_buf+user_name_len, ucase_buf, MAX_USERNAME_SIZE*2, nls_info);
/* Add call to hmac md5 domain */
/* BB add hmac md5 final BB */
unicode_buf[user_name_len + dom_name_len] = 0;
hmac_md5_update((const unsigned char *) unicode_buf,
(user_name_len+dom_name_len)*2,&ctx);
hmac_md5_final(ses->mac_signing_key,&ctx);
kfree(ucase_buf);
kfree(unicode_buf);
return 0;
}
void CalcNTLMv2_response(const struct cifsSesInfo * ses,char * v2_session_response)
{
struct HMACMD5Context context;
memcpy(v2_session_response + 8, ses->server->cryptKey,8);
/* gen_blob(v2_session_response + 16); */
hmac_md5_init_limK_to_64(ses->mac_signing_key, 16, &context);
hmac_md5_update(ses->server->cryptKey,8,&context);
/* hmac_md5_update(v2_session_response+16)client thing,8,&context); */ /* BB fix */
hmac_md5_final(v2_session_response,&context);
}
......@@ -229,8 +229,7 @@ extern int cifs_verify_signature(const struct smb_hdr *, const char * mac_key,
__u32 expected_sequence_number);
extern int cifs_calculate_mac_key(char * key,const char * rn,const char * pass);
extern void CalcNTLMv2_partial_mac_key(struct cifsSesInfo *, struct nls_table *);
/* BB routines below not implemented yet BB */
extern void CalcNTLMv2_response(const struct cifsSesInfo *,char * );
extern int CIFSBuildServerList(int xid, char *serverBufferList,
int recordlength, int *entries,
......
......@@ -665,12 +665,18 @@ int setup_session(unsigned int xid, struct cifsSesInfo *pSesInfo, struct nls_tab
nls_info);
if (!rc) {
if(ntlmv2_flag) {
char * v2_response;
cFYI(1,("Can use more secure NTLM version 2 password hash"));
/* SMBNTv2encrypt( ...); */ /* BB fix this up */
CalcNTLMv2_partial_mac_key(pSesInfo,
nls_info);
/* cifs_calculate_ntlmv2_mac_key(pSesInfo->mac_signing_key, ntlm_session_key, */
v2_response = kmalloc(16 + 64 /* blob */, GFP_KERNEL);
if(v2_response) {
CalcNTLMv2_response(pSesInfo,v2_response);
/* cifs_calculate_ntlmv2_mac_key(pSesInfo->mac_signing_key, response, ntlm_session_key, */
kfree(v2_response);
/* BB Put dummy sig in SessSetup PDU? */
} else
rc = -ENOMEM;
} else {
SMBNTencrypt(pSesInfo->password_with_pad,
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment